Article Preview
Top1. Introduction
This paper main concern is to understand how risk management technologies are constructed as technology of security to govern employees and managers alike in an Egyptian firm (Henceforth XYZ Company)1. The introduction of ERM as a base for governance is deployed as a powerful tool to govern employees in a way that affects their life (i.e., as a disciplinary and bio-political tool). We examine how risk-based governance (RBG) as a system of governance and control, reconfigures the conventional management process into a new mode of risk based control activities (Power, 2007). In doing so, we clarify how the dissemination and embracement of ERM, and its risk technologies have transformed the present governance system into new mode of RBG that subsumed the traditional management and control system.
Risk is a controversial concept which can be interpreted as hazard, damage, or threat. On one hand, it can be studied objectively through calculative techniques to avoid or reduce this damage. On the other hand, it may be interpreted subjectively as socially constructed or mediated fear, which is related to increased uncertainty, risk taking behaviour, cultural factors. This attitude assumes that risk is independent from its objective existence (Zinn, 2008). Yet, both subjective and objective perspectives are crucial in understanding what risk is, what implications it has for the governance process.
Further, risk can be a matter of management perception, framework, and instruments that deal with expected problems through regulatory systems and governance actions (O'Malley, 2004). This much points to “a new mode of accountability and monitoring in the name of risk” (Power, 2007, p. 4). Consequently, risk is seen “to become a source of principles for organising and managing in general” (Power, 2007, p. 2). Having said this, risk is best dealt with as a discourse that needs further understanding (Power, 2007).
Risk management (RM) is becoming a widely diffused set of practiced routines in nowadays businesses (Power, 2014; Power, 2016). Recently, the term ‘risk management’ appeared as a centre in the practice of management, and risk managers’ role in organisational charts is becoming crucial. Moreover, corporate governance has become unthinkable without reference to risk management (Bhimani, 2009). Thus, Risk and RM discourse has been a research theme in a variety of disciplines, all try to embrace its existence, expansion and management and governance methods. The literature addresses its social, political, and organisational dimensions, and examine an apparent interaction with technological, organisational, governance and corporate apparatuses and the resultant new models of regulation and controls (Bhimani, 2009; Power, 2007; Soin & Collier, 2013).
Risk has remade governance as enterprise risk management (ERM). ERM urges managers to align risk levels with organisational appetite and to improve the organisation's ability to deal with risk related decisions. As Merchant and Otley (2006, p. 787) state, “the field of risk management can be seen to incorporate the entire management control systems field since; risk management often involves a concern about companies' strategies and strategy formulation activities”. Such a mode of RBG is now coming to be aligned with neoliberal modes of organisational reconfigurations in least-developed countries (LDCs) (Harvey, 2007). We contribute to this debate by examining whether and how conventional modes of management in developing countries are subsumed by risk-based procedures?
This paper is unfolded in five remaining sections. Section 2 outlines the theoretical framework in which we draw on earlier Foucauldian studies to reach our theoretical notions. Section 3 discusses the research methods and methodology conducted in this study. Section 5 explains the transformation to ERM and how it has remade the governance and control of XYZ to be risk based. Finally, section 6 concludes the paper.